[2158] in Kerberos_V5_Development
Re: krb5_mk_priv keeps a replay cache
daemon@ATHENA.MIT.EDU (Theodore Y. Ts'o)
Fri Jan 3 01:49:19 1997
Date: Fri, 3 Jan 1997 01:49:12 -0500
From: "Theodore Y. Ts'o" <tytso@MIT.EDU>
To: Marc Horowitz <marc@cygnus.com>
Cc: krbdev@MIT.EDU
In-Reply-To: Marc Horowitz's message of 02 Jan 1997 18:05:15 -0500,
<t53u3ozoez8.fsf@rover.cygnus.com>
From: Marc Horowitz <marc@cygnus.com>
Date: 02 Jan 1997 18:05:15 -0500
Is there a reason for this, or should be code be shot and killed at
dawn?
The KRB5_AP_PRIV message can protect against replay using either a
sequence number, or using a timestamp. If you're using a timestamp, you
need the replay cache as well to provide full protection against
replays.
(Don't look at me; I'm not responsible for most of bogusity/brain damage
in the krb5 protocol specification. Second system disease struck in a
big time while John and Cliff were designing the krb5 protocol; they
should have been better about saying NO when people asked for their
favorite pet features....)
- Ted
